Initial Disclosure Date: Sep 26, 2013

As the number of APTs against the Japanese government and major companies, the Ministry of Internal Affairs and Communications (MIC) hosted the first cyber exercise to enhance the cyber defense capabilities of LAN administrators who work for ministries and major companies. The first Cyber Defense Exercise with Recurrence or CYDER was conducted between September 25th and 26th, 2013, using LAN for thousands of users. The MIC plans to have five more exercises by the end of March 2014, which is the end of Japanese Fiscal Year 2013. ^(footnote:1) The ministry wants to continue to conduct exercises until the end of JFY 2017 and invite government-affiliated agencies and private companies in the future. ^(footnote:2)

Hitachi, NEC, and NTT Communications supported the first exercise as MIC contractors. 25 Information System Administrators participated in the exercise from five ministries including the MIC, Ministry of Defense, and Ministry of Justice. National Institute of Information and Communications Technology’s Hokuriku StarBED Technology Center provided a few thousands of computers. The exercise scenario entails the infection of a few computers that connected to the LAN by a phishing email with malware attachment. Security Operation Centers contracted by the ministries detected C&C communications. On Day 1, participants listened to a lecture in the morning and implemented a simulation to monitor and analyze cyber-attacks in the afternoon after checking their simulation environment. If a participant was not able to respond properly, NEC contractors provided advice on the spot. On Day 2, the participants had some group work and presented their lessons learned. ^(footnote:3)

Sources:

1. Ministry of Internal Affairs and Communications, “Hodo Shiryo: ‘Jissen-teki saiba bogyo enshu (CYDER)’ no jisshi [Press Release: MIC conducts practical cyber defense exercises called CYDER],” September 25, 2013,
   http://www.soumu.go.jp/menu_news/s-news/01ryutsu03_02000057.html
2. Nihon Keizai Shimbun, “Saiba kogeki heno bogyo, kankocho ga enshu [Ministries conducted a cyber defense exercise],” September 25, 2013,
   http://www.nikkei.com/article/DGXNASFS2502P_V20C13A9PP8000/
   Nihon Keizai Shimbun, “Somu-sho ga saiba kogeki no bogyo enshu wo jisshi [The Ministry of Internal Affairs and Communications conducted a cyber defense exercise],” September 26, 2013,
   http://www.nikkei.com/article/DGXNASFK2502B_V20C13A9000000/
3. Sankei Shimbun, “Saiba kogeki wo husege Somu-sho no jissho jikken wo Hitachi nado ga jutaku [The Ministry of Internal Affairs and Communications conducted an experimental exercise to prevent cyber-attacks and contracted private companies including Hitachi],” September 25, 2013,
   http://sankei.jp.msn.com/economy/news/130925/biz13092517540015-n1.htm
   Nihon Keizai Shimbun, “Saiba kogeki heno bogyo, kankocho ga enshu [Ministries conducted a cyber defense exercise],” September 25, 2013,
   http://www.nikkei.com/article/DGXNASFS2502P_V20C13A9PP8000/
   Nihon Keizai Shimbun, “Somu-sho ga saiba kogeki no bogyo enshu wo jisshi [The Ministry of Internal Affairs and Communications conducted a cyber defense exercise],” September 26, 2013,
   http://www.nikkei.com/article/DGXNASFK2502B_V20C13A9000000/

※ Each company name, an organization name, and a brand name are a trade name of each company and each organization, or a registered trademark.